New cipher algorithms 'serpent-128', 'serpent-192' and 'serpent-256' are defined for the Serpent algorithm.
The nettle and gcrypt cipher backends are updated to support the new cipher and a test vector added to the cipher test suite. The new algorithm is enabled in the LUKS block encryption driver. Reviewed-by: Eric Blake <ebl...@redhat.com> Reviewed-by: Fam Zheng <f...@redhat.com> Signed-off-by: Daniel P. Berrange <berra...@redhat.com> --- crypto/cipher-gcrypt.c | 18 ++++++++++++++++++ crypto/cipher-nettle.c | 31 +++++++++++++++++++++++++++++++ crypto/cipher.c | 6 ++++++ qapi/crypto.json | 6 +++++- tests/test-crypto-cipher.c | 39 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 99 insertions(+), 1 deletion(-) diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c index aa1d8c5..a667d59 100644 --- a/crypto/cipher-gcrypt.c +++ b/crypto/cipher-gcrypt.c @@ -30,6 +30,9 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg) case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: case QCRYPTO_CIPHER_ALG_CAST5_128: + case QCRYPTO_CIPHER_ALG_SERPENT_128: + case QCRYPTO_CIPHER_ALG_SERPENT_192: + case QCRYPTO_CIPHER_ALG_SERPENT_256: return true; default: return false; @@ -89,6 +92,18 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, gcryalg = GCRY_CIPHER_CAST5; break; + case QCRYPTO_CIPHER_ALG_SERPENT_128: + gcryalg = GCRY_CIPHER_SERPENT128; + break; + + case QCRYPTO_CIPHER_ALG_SERPENT_192: + gcryalg = GCRY_CIPHER_SERPENT192; + break; + + case QCRYPTO_CIPHER_ALG_SERPENT_256: + gcryalg = GCRY_CIPHER_SERPENT256; + break; + default: error_setg(errp, "Unsupported cipher algorithm %d", alg); return NULL; @@ -122,6 +137,9 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: + case QCRYPTO_CIPHER_ALG_SERPENT_128: + case QCRYPTO_CIPHER_ALG_SERPENT_192: + case QCRYPTO_CIPHER_ALG_SERPENT_256: ctx->blocksize = 16; break; case QCRYPTO_CIPHER_ALG_CAST5_128: diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c index cfa69cc..74b55ab 100644 --- a/crypto/cipher-nettle.c +++ b/crypto/cipher-nettle.c @@ -24,6 +24,7 @@ #include <nettle/des.h> #include <nettle/cbc.h> #include <nettle/cast128.h> +#include <nettle/serpent.h> #if CONFIG_NETTLE_VERSION_MAJOR < 3 typedef nettle_crypt_func nettle_cipher_func; @@ -76,6 +77,18 @@ static void cast128_decrypt_wrapper(cipher_ctx_t ctx, cipher_length_t length, cast128_decrypt(ctx, length, dst, src); } +static void serpent_encrypt_wrapper(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + serpent_encrypt(ctx, length, dst, src); +} + +static void serpent_decrypt_wrapper(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + serpent_decrypt(ctx, length, dst, src); +} + typedef struct QCryptoCipherNettle QCryptoCipherNettle; struct QCryptoCipherNettle { void *ctx_encrypt; @@ -94,6 +107,9 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg) case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: case QCRYPTO_CIPHER_ALG_CAST5_128: + case QCRYPTO_CIPHER_ALG_SERPENT_128: + case QCRYPTO_CIPHER_ALG_SERPENT_192: + case QCRYPTO_CIPHER_ALG_SERPENT_256: return true; default: return false; @@ -169,6 +185,21 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, ctx->blocksize = CAST128_BLOCK_SIZE; break; + + case QCRYPTO_CIPHER_ALG_SERPENT_128: + case QCRYPTO_CIPHER_ALG_SERPENT_192: + case QCRYPTO_CIPHER_ALG_SERPENT_256: + ctx->ctx_encrypt = g_new0(struct serpent_ctx, 1); + ctx->ctx_decrypt = NULL; /* 1 ctx can do both */ + + serpent_set_key(ctx->ctx_encrypt, nkey, key); + + ctx->alg_encrypt = serpent_encrypt_wrapper; + ctx->alg_decrypt = serpent_decrypt_wrapper; + + ctx->blocksize = SERPENT_BLOCK_SIZE; + break; + default: error_setg(errp, "Unsupported cipher algorithm %d", alg); goto error; diff --git a/crypto/cipher.c b/crypto/cipher.c index 9e0a226..0f6fe98 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -28,6 +28,9 @@ static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = { [QCRYPTO_CIPHER_ALG_AES_256] = 32, [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, [QCRYPTO_CIPHER_ALG_CAST5_128] = 16, + [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16, + [QCRYPTO_CIPHER_ALG_SERPENT_192] = 24, + [QCRYPTO_CIPHER_ALG_SERPENT_256] = 32, }; static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { @@ -36,6 +39,9 @@ static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { [QCRYPTO_CIPHER_ALG_AES_256] = 16, [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, [QCRYPTO_CIPHER_ALG_CAST5_128] = 8, + [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16, + [QCRYPTO_CIPHER_ALG_SERPENT_192] = 16, + [QCRYPTO_CIPHER_ALG_SERPENT_256] = 16, }; static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = { diff --git a/qapi/crypto.json b/qapi/crypto.json index 0550ee7..6738b95 100644 --- a/qapi/crypto.json +++ b/qapi/crypto.json @@ -60,13 +60,17 @@ # @aes-256: AES with 256 bit / 32 byte keys # @des-rfb: RFB specific variant of single DES. Do not use except in VNC. # @cast5-128: Cast5 with 128 bit / 16 byte keys +# @serpent-128: Serpent with 128 bit / 16 byte keys +# @serpent-192: Serpent with 192 bit / 24 byte keys +# @serpent-256: Serpent with 256 bit / 32 byte keys # Since: 2.6 ## { 'enum': 'QCryptoCipherAlgorithm', 'prefix': 'QCRYPTO_CIPHER_ALG', 'data': ['aes-128', 'aes-192', 'aes-256', 'des-rfb', - 'cast5-128']} + 'cast5-128', + 'serpent-128', 'serpent-192', 'serpent-256']} ## diff --git a/tests/test-crypto-cipher.c b/tests/test-crypto-cipher.c index a994ca9..5268723 100644 --- a/tests/test-crypto-cipher.c +++ b/tests/test-crypto-cipher.c @@ -174,6 +174,45 @@ static QCryptoCipherTestData test_data[] = { .plaintext = "0123456789abcdef", .ciphertext = "238b4fe5847e44b2", }, + { + /* libgcrypt serpent.c */ + .path = "/crypto/cipher/serpent-128", + .alg = QCRYPTO_CIPHER_ALG_SERPENT_128, + .mode = QCRYPTO_CIPHER_MODE_ECB, + .key = "00000000000000000000000000000000", + .plaintext = "d29d576fcea3a3a7ed9099f29273d78e", + .ciphertext = "b2288b968ae8b08648d1ce9606fd992d", + }, + { + /* libgcrypt serpent.c */ + .path = "/crypto/cipher/serpent-192", + .alg = QCRYPTO_CIPHER_ALG_SERPENT_192, + .mode = QCRYPTO_CIPHER_MODE_ECB, + .key = "00000000000000000000000000000000" + "0000000000000000", + .plaintext = "d29d576fceaba3a7ed9899f2927bd78e", + .ciphertext = "130e353e1037c22405e8faefb2c3c3e9", + }, + { + /* libgcrypt serpent.c */ + .path = "/crypto/cipher/serpent-256a", + .alg = QCRYPTO_CIPHER_ALG_SERPENT_256, + .mode = QCRYPTO_CIPHER_MODE_ECB, + .key = "00000000000000000000000000000000" + "00000000000000000000000000000000", + .plaintext = "d095576fcea3e3a7ed98d9f29073d78e", + .ciphertext = "b90ee5862de69168f2bdd5125b45472b", + }, + { + /* libgcrypt serpent.c */ + .path = "/crypto/cipher/serpent-256b", + .alg = QCRYPTO_CIPHER_ALG_SERPENT_256, + .mode = QCRYPTO_CIPHER_MODE_ECB, + .key = "00000000000000000000000000000000" + "00000000000000000000000000000000", + .plaintext = "00000000010000000200000003000000", + .ciphertext = "2061a42782bd52ec691ec383b03ba77c", + }, }; -- 2.5.0